<?php
session_start();
include "library.php";

//Redirect User if not logged in

if(!isset($_SESSION["username"])){
  header("Location:login.php");
}

//If user presses logout button, close session and redirect

if(isset($_POST["logout"])){	
  session_unset();
  session_destroy();
  header("Location:home.php");
}

//If user is admin, redirect

if($_SESSION["position"] != 1 && $_SESSION["position"] != 2){ //User is not an administrator
  header("Location:members.php");
}

//Print header
print_header($_SESSION["position"], 4);

$pwdb = connectSQLServer("wendlc_teamsci","sdd","");
mysql_select_db("wendlc_TeamSci");

//If the user submitted decisions, process them 

$count_loop = 0;
if(isset($_POST["Submit"])){
  $fileNum2 = $_SESSION["arrayTran"];
  $count = sizeof($fileNum2);
  //Keep displaying so long as number displayed is less than number that need to be displayed

  while($count_loop < $count){
    //Perform a query to update the user entries
    $FileID = $fileNum2[$count_loop];
    if($_POST["PermDec".$FileID.""] == 1){//Approve
      $query = sprintf("UPDATE Files SET ApproveFlag = 0 , Public_Private = 1 WHERE FileID = '%s'",
	  mysql_real_escape_string($FileID,$pwdb));	
    } else if($_POST["PermDec".$FileID.""] == 2){ //Deny
      $query = sprintf("UPDATE Files SET ApproveFlag = 0 , Public_Private = 0 WHERE FileID = '%s'",
	 mysql_real_escape_string($FileID,$pwdb));
    } else if ($_POST["PermDec".$FileID.""] == 3){ //Later
      $query = sprintf("UPDATE Files SET ApproveFlag = 1 , Public_Private = 0 WHERE FileID = '%s'",
	 mysql_real_escape_string($FileID,$pwdb));
    }	
    dbquery($query);
    $count_loop++;       
  }

}

//Provide a list of all pending accounts with a check box in the last col for approve or disapprove

$query = sprintf("SELECT * FROM Files WHERE ApproveFlag = 1 LIMIT 10");
$r = dbquery($query);
//Display in a table format
echo "<table id = \"filetable\"><tr><th>File Name</th><th>Link</th><th>Decision</th></tr>";
echo "<form method = \"POST\">";
$count = 0;

//While there are files that need approval, keep displaying

while($results = mysql_fetch_object($r)){
  //Output all of the data and unique buttons with the userNum as the identifier
  echo "<tr><td>$results->Name</td><td><a href=\"/TEAMSCI/DetailView.php/?file_name=".$results->Name."\">Link</a></td><td><INPUT TYPE = \"radio\" NAME = \"PermDec".$results->FileID."\" VALUE = \"1\">Approve<INPUT TYPE = \"radio\" NAME = \"PermDec".$results->FileID."\" VALUE = \"2\">Deny<INPUT TYPE = \"radio\" NAME = \"PermDec".$results->FileID."\" CHECKED VALUE = \"3\">Do Later</td></tr>";
  //Store the ID's that were displayed so we can check the results of the radio buttons
  $fileNum[$count] = $results->FileID;
  $count++;
}
$_SESSION["arrayTran"] = $fileNum;
echo "</table><BR><BR>";

//Displays a button to submit choices
?>
<INPUT TYPE = "submit" NAME = "Submit" VALUE = "Submit"/>
</form>
<?php


print_footer();
?>